Update dnsf.py

dnsf.py

@@ -38,11 +38,13 @@ class watch_file():
         else:
             return False
 
+dns_resolver = "DNS=9.9.9.11#dns11.quad9.net"
+
+
 #systemd-resolved
 
 resolved = """
 [Resolve]
-DNS=9.9.9.11#dns11.quad9.net
 Domains=~.
 DNSSEC=true
 DNSOverTLS=yes
@@ -54,6 +56,10 @@ DNSStubListener=yes
 
 with open("/etc/systemd/resolved.conf", "w") as file:
     file.write(resolved)
+
+with open("/etc/systemd/resolved.conf", "a") as file:
+    file.write(dns_resolver)
+
 print('wrote systemd-resolved config.')
 run('systemctl restart systemd-resolved')
 
@@ -61,20 +67,15 @@ BPF_APP = r'''
 #include <linux/if_ether.h>
 #include <linux/in.h>
 #include <bcc/proto.h>
-
 int dns_matching(struct __sk_buff *skb) {
     u8 *cursor = 0;
-     // Checking the IP protocol:
     struct ethernet_t *ethernet = cursor_advance(cursor, sizeof(*ethernet));
-
     if (ethernet->type == ETH_P_IP) {
-         // Checking the UDP protocol:
+         // Checking that proto is UDP:
         struct ip_t *ip = cursor_advance(cursor, sizeof(*ip));
-
         if (ip->nextp == IPPROTO_UDP) {
-             // Check the port 53:
+             // Check if the port is 53:
             struct udp_t *udp = cursor_advance(cursor, sizeof(*udp));
-
             if (udp->dport == 53 || udp->sport == 53) {
                 return -1;
             }
@@ -104,8 +105,6 @@ iptables -A OUTPUT -j REJECT
 iptables -P INPUT DROP
 iptables -P FORWARD DROP
 iptables -P OUTPUT DROP
-mkdir -p /etc/iptables/
-iptables-save > /etc/iptables/rules.v4
 '''
 
 #iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
@@ -128,8 +127,6 @@ cnames = {}
 current_cnames = {}
 blocked = []
 
-
-
 def threaded(threadedfunc, inputd, threads=4):
     inputd = [x if isinstance(x,tuple) else tuple([x]) for x in inputd]
     import os